CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в postgresql-11

Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query, security invok...

5.4CVSS6.7AI score0.01099EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в postgresql-11

Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires the application to use SET ROLE, SET SESSION AUTHORIZATION, or an equivalent feature. The problem arises when an application query uses...

4.2CVSS6.7AI score0.00613EPSS

OSV•added 2026/04/03 1:27 p.m.•1 views

JLSEC-2026-41

Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security...

5.4CVSS5.9AI score0.00226EPSS

Exploits0References6

OSV•added 2026/04/03 1:27 p.m.•0 views

JLSEC-2026-49

4.2CVSS6.6AI score0.00613EPSS

Exploits0References4

RedhatCVE•added 2025/11/28 4:57 a.m.•6 views

CVE-2025-13680

The Tiger theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 101.2.1. This is due to the plugin allowing a user to update the user role through the $user-setrole function. This makes it possible for authenticated attackers, with Subscriber-level access...

8.8CVSS5.8AI score0.00056EPSS

Exploits0References1

EUVD•added 2025/11/27 6:31 a.m.•3 views

EUVD-2025-199798

8.8CVSS5.3AI score0.00056EPSS

Exploits0References3

CVE•added 2025/11/27 4:36 a.m.•9 views

CVE-2025-13680

CVE-2025-13680 affects the WordPress Tiger theme (versions up to and including 101.2.1). The vulnerability is an Authenticated Privilege Escalation where an attacker with Subscriber-level access or higher can exploit the plugin to elevate privileges via the $user->set_role() function, potentia...

8.8CVSS5.4AI score0.00056EPSS

Positive Technologies•added 2025/11/27 12:0 a.m.•3 views

PT-2025-48231

The Tiger theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 101.2.1. This is due to the plugin allowing a user to update the user role through the $user-set role function. This makes it possible for authenticated attackers, with Subscriber-level acces...

8.8CVSS5.8AI score0.00056EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2006-0560

Malware in sbrugna...

6.5CVSS6.1AI score0.01839EPSS

Exploits0References12

Tenable Nessus•added 2025/08/18 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2024-10978

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires...

4.2CVSS6.3AI score0.00613EPSS

Redos•added 2024/12/11 12:0 a.m.•239 views

ROS-20241211-02

CREATE POLICY row-protected table security policy vulnerability in the PostgreSQL database management system PostgreSQL is related to a lack of consistency between independent views of shared state. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary...

8.8CVSS8.6AI score0.06356EPSS

Exploits1

RedHat Linux•added 2024/12/05 9:17 a.m.•1 views

postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID

A flaw was found in PostgreSQL. This vulnerability allows a less-privileged application user to view or change unintended rows using SET ROLE, SET SESSION AUTHORIZATION, or equivalent features resulting in loss of confidentiality integrity and availability...

RedHat Linux•added 2024/12/05 9:15 a.m.•2 views

postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID

RedHat Linux•added 2024/12/05 9:15 a.m.•2 views

postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID

Tenable Nessus•added 2024/12/05 12:0 a.m.•14 views

AlmaLinux 8 : postgresql:13 (ALSA-2024:10832)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:10832 advisory. postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID CVE-2024-10978 postgresql: PostgreSQL PL/Perl environment variable...

8.8CVSS7.5AI score0.06356EPSS

Exploits1References5

RedHat Linux•added 2024/12/04 3:41 p.m.•1 views

postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID